How severe is CVE-2025-68110?

CVE-2025-68110 has a CVSS v3 score of 9.9 (CRITICAL).

CVE-2025-68110

Name: churchcrm
Author: churchcrm

9.9CRITICAL

ChurchCRM is an open-source church management system. Versions prior to 6.5.3 may disclose database information in an error message including the host, ip, username, and password. Version 6.5.3 fixes

Publicado: 12/17/2025Actualizado: 12/18/2025

Descripción

ChurchCRM is an open-source church management system. Versions prior to 6.5.3 may disclose database information in an error message including the host, ip, username, and password. Version 6.5.3 fixes the issue.

Análisis IAImpulsado por IA

Productos Afectados

churchcrmchurchcrm

Referencias

https://github.com/ChurchCRM/CRM/security/advisories/GHSA-82mq-xc2j-3qv2
ExploitVendor Advisory
https://github.com/ChurchCRM/CRM/security/advisories/GHSA-82mq-xc2j-3qv2
ExploitVendor Advisory